For Adaxes 2013.2, we focused on making Active Directory automation even more efficient
and flexible, enhancing the logging and notification features, improving Password
Self-Service, preventing brute force attacks on Web Interface, and much, much more
- all to make Active Directory management easier, faster, and secure.

We paid a lot of attention to detail, even to small things that are really unnoticeable
at first glance. Many improvements and ideas suggested by our customers are included
in this release. As usual, we made great efforts to enhance performance of Adaxes,
making it even more faster and productive.

Logging

External MS SQL Database

Now Adaxes can be configured to store log records in an external MS SQL database.
This option is especially helpful if you have multiple replicated Adaxes services,
as log records generated by all the services will be stored in one database. Adaxes
supports distributed MS SQL databases (databases that are spread out over several
hosts).

SIEM Integration via Syslog

The new release introduces support for the Syslog protocol, allowing you to integrate
Adaxes into SIEM (Security Information and Event Management) products and enterprise
audit logging solutions.

Web Interface

Brute Force Attack Protection

Adaxes Web Interface is now protected against brute-force attacks aimed at stealing
passwords and locking out accounts. The protection measures include captcha verification,
web server response delays, and security questions.

Group Membership Filtering

Now you can configure the Members and Member Of sections to display
only objects that match certain criteria. For example, you can configure Member Of
section to display only groups whose name contains Office. Or, you can configure
Members section to display only users belonging to the department of the
logged-on user.

Adding New Web Interfaces

Adding new Web Interfaces is now very easy. Instead of manually copying files and
configuring IIS, now you can use a simple user interface. But what is more important
is that you don't need to do anything when upgrading to a newer version of Adaxes,
as the job to upgrade custom Web Interfaces is done by the Backup/Restore utility.

Enhanced AD Reports

All Active Directory reports related to password management now honor Fine-Grained
Password Policies. Also, we have added two new reports: Recently Created Groups
and Recently Modified Groups.

Refined Active Directory Pane

The Active Directory pane serves to display specific AD objects on the Home page.
We have added an option to show different objects depending on who is connected
to the Web Interface. For example, you can configure the pane to display a group
called Staff that is located in the Organizational Unit of the logged-on
user.

More Options for List Views

Now, list views for Active Directory objects can display columns that show custom
object properties stored in Adaxes (e.g. CustomAttributeText1). Also, we have added
an option to set the default page size for Active Directory object lists.

Automation

Scheduled Task Load Balancing

In the new version it is possible to bind a Scheduled Task to a specific Adaxes
service. A task bound to an Adaxes service runs on that service only and under no
circumstances is reassigned to another one. This option is helpful if you have multiple
replicated Adaxes services and want to manually distribute the load across them.

Scheduled Tasks Management

It has become easier to control execution of Scheduled Tasks. The tasks that are
currently running are highlighted bold in the Console Tree. For each task you can
view the host on which it runs, how long it runs, and the duration of the last execution.
Also, now you can manually stop a Scheduled Task that is currently running.

More Flexible Actions/Conditions

Now you have more flexibility when working with Business Rules, Custom Commands,
and Scheduled Tasks, as we have extended some actions and conditions to support
value references. This enables you to define different behaviour depending
on the object on which the operation is performed and the operation initiator.

Actions and conditions

Value references are now supported in:

Add/Remove object from group action

Move object action

If located under <location> condition

If is a member of <Group> condition

If the initiator is a member of <Group> condition

If the initiator is <User> condition

HTML Email Notifications

E-mail notifications sent by Business Rules, Custom Commands, and Scheduled Tasks
can now be formatted as HTML. To compose HTML-formatted notifications you can use
the embedded visual HTML editor.

Approval Workflow

Improved Group Support

The Approval Workflow module now supports scenarios in which objects are managed
by a group of users. When a request is submitted for approval to the owner or manager
of an object, and the owner/manager is a group, members of the group are recognized
as approvers and are able to approve or deny the request.

Viewing and Notifying Approvers

Now, when working with approval requests in Adaxes Web Interface, it is possible
to view all approvers authorized to approve a specific request, and send them email
notifications and reminders.

Permission Delegation

Secretary and Assistant

The new version introduces two new security principals: Secretary and Assistant.
When a Security Role is assigned to one of the principals, the permissions are granted
to the user or group specified in the Secretary or Assistant property
of a user account.

Password Self-Service

System Tray Notification to Enroll

Now Adaxes can periodically remind users to enroll for Password Self-Service by
popping up a balloon in the system notification area (system tray).

Administration Console

Grouping

The first thing you will see when you open Adaxes Administration Console is the
new Result Pane. Among other improvements, it allows you to arrange Active Directory
objects into groups, which greatly enhances user experience when browsing and managing
Active Directory. The Grouping feature is available in the Result Pane, Find dialog,
and Basket.

Data Import/Export

By following the expectations of our customers, we have improved the Import/Export
wizard.
Here is what we have done:

Export of Adaxes custom properties allowed.

Data validation for CSV files enhanced.

Support for Macintosh line breaks added.

BOM support for UTF-8 CSV files added.

Improved Performance

We have seriously worked on performance improvements for Adaxes Administration Console.
As a result, Active Directory browsing and searching now work several times faster
than before.

And more!

Automation

A new condition for Business Rules, Custom Commands and Scheduled Tasks added: If account/password expires.

Introduced two new virtual (calculated) properties: adm-ManagerPhone and adm-InitiatorManagerPhone.
The properties can be used to retrieve the phone number of user's manager and the
manager of the operation initiator.

Error reporting enhanced for the Run PowerShell
script action and If PowerShell script
returns true condition.

Logging

The way how operations on Adaxes configuration objects are logged has been improved
(got rid of tons of log records generated by one operation).

Log records for Approve, Deny and Cancel operations are now
human-readable.

Password Self-Service

Now Adaxes allows users to enroll for Password Self-Service if the only enabled
verification method is SMS Verification, there is no mobile number assigned to a
user account, and the user has the right to update their mobile number in Active
Directory.